The RomCom attackers aren’t the only ones that have been leveraging the newly unveiled WinRAR vulnerability (CVE-2025-8088) in zero-day attacks: according to Russian cybersecurity company BI.ZONE, a group tracked as Paper Werewolf has been using it to target Russian organizations. BI.ZONE researchers may have also uncovered how RomCom and Paper Werewolf got their hands on the same exploit: it looks like it may have been offered for sale on a cybercrime forum in late June … More
The post WinRAR zero-day was exploited by two threat actors (CVE-2025-8088) appeared first on Help Net Security.